Visit complete Cyber Security roadmap

← Back to Topics List

Tailgating

Tailgating, also known as “piggybacking”, is a social engineering technique used by attackers to gain unauthorized access to secure facilities or systems by following closely behind a legitimate user. This attack exploits the human tendency to trust others and help them out in various situations.

How it works

  • Target identification: The attacker chooses a target building, office, or data center which requires secure access.
  • Observation: The attacker watches for patterns, studying employees’ routines and behaviors, identifying an ideal opportunity to slip in unnoticed.
  • Entry: The attacker waits for a situation where an employee is entering the secure area using their access card, and pretends to have forgotten their card, phone or being preoccupied. The attacker follows the employee entering the area or even asks the employee to hold the door open.
  • Securing Access: Once inside, the attacker may even steal a physical access card or exploit other vulnerabilities to secure long-term access.

Prevention Measures

  • Awareness training: Ensure that employees are aware of tailgating as a threat and the importance of adhering to security policies.
  • Physical security: Implement security measures like turnstiles, mantraps, or security guards to monitor and control access.
  • Access control: Ensure that access cards are unique to each employee and cannot be easily duplicated.
  • Strict policies: Enforce strict policies regarding holding doors open for others or allowing individuals into secure areas without proper credentials.
  • Security culture: Build a strong security culture where employees feel responsible for the organization’s security and report any suspicious behavior.

It is essential to keep in mind that tailgating relies heavily on human behavior and trust. While physical and technical security measures are crucial, fostering a culture of vigilance and employee awareness can be just as effective in preventing such attacks.

Community

roadmap.sh is the 6th most starred project on GitHub and is visited by hundreds of thousands of developers every month.

Roadmaps Best Practices Guides Videos Store YouTube

roadmap.sh by Kamran Ahmed

Community created roadmaps, articles, resources and journeys to help you choose your path and grow in your career.

© roadmap.sh · FAQs · Terms · Privacy

ThewNewStack

The leading DevOps resource for Kubernetes, cloud-native computing, and the latest in at-scale development, deployment, and management.